Having Fun With PostgreSQL
PostgreSQL is one of the most commonly used open source database management systems. This paper describes weaknesses in the PostgreSQL configuration that may be abused for privilege escalation, as well as remote command execution and the uploading of arbitrary files to the system.
Little Helper Scripts
SMB Search & Copy (smbsc)
This shell script will connect to multiple hosts, mount the C$ share and then find and copy interesting files from the system. By default, it will find files that contain the string passw. The script can work on multiple hosts in parallel.
Shells et al.
- Reverse ICMP Shell (master & slave sources, win32 slave binary)
- WinSock Reverse Shell (sources, binary)
- ASP.NET Shell
- ASP Shell
- Coldfusion Shell
- PHP Shell
- PHP Eval
- JSP Shell